[webkit-changes] [WebKit/WebKit] 4456ae: CrashTracer: com.apple.WebKit.WebContent at WebCor...

Tim Nguyen noreply at github.com
Fri Jul 7 20:29:08 PDT 2023 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 4456ae32f14391aefedccdc1a70b6c9d0205567d
      https://github.com/WebKit/WebKit/commit/4456ae32f14391aefedccdc1a70b6c9d0205567d
  Author: Tim Nguyen <ntim at apple.com>
  Date:   2023-07-07 (Fri, 07 Jul 2023)

  Changed paths:
    M Source/WebCore/page/PrintContext.cpp
    M Source/WebKit/UIProcess/WebPageProxy.h
    M Source/WebKit/UIProcess/ios/WKContentView.mm
    M Source/WebKit/UIProcess/ios/WebPageProxyIOS.mm
    M Source/WebKit/WebProcess/WebPage/WebPage.h
    M Source/WebKit/WebProcess/WebPage/WebPage.messages.in
    M Source/WebKit/WebProcess/WebPage/ios/WebPageIOS.mm

  Log Message:
  -----------
  CrashTracer: com.apple.WebKit.WebContent at WebCore: WebCore::PrintContext::spoolPage
https://bugs.webkit.org/show_bug.cgi?id=259004
rdar://106592620

Reviewed by Tim Horton.

This crash happens when the number of page changes from the moment where we initiate print preview and the moment where draw the image.
This can cause out of bounds access if the number of pages decreased.

Since:
- the number of pages is always fetched from the WebProcess (pageRects.size()) in _attributesForPrintFormatter
- the pageCount is not used after the UIProcess received the image from the WebProcess

We do not need to pass a stale page count from the UIProcess to the WebProcess, we can just let the WebProcess use the most up-to-date page count.

There is a chance of mismatch between the number of pages displayed in the Print UI and the number of pages actually drawn, but that isn't something
that needs to be solved at the WebKit level. The relevant Print UI can just call `_recalcPageCount` once again and get the up-to-date page count.

* Source/WebCore/page/PrintContext.cpp:
(WebCore::PrintContext::spoolPage):
* Source/WebKit/UIProcess/WebPageProxy.h:
* Source/WebKit/UIProcess/ios/WKContentView.mm:
(-[WKContentView _createImage:printFormatter:]):
* Source/WebKit/UIProcess/ios/WebPageProxyIOS.mm:
(WebKit::WebPageProxy::drawToImage):
* Source/WebKit/WebProcess/WebPage/WebPage.h:
* Source/WebKit/WebProcess/WebPage/WebPage.messages.in:
* Source/WebKit/WebProcess/WebPage/ios/WebPageIOS.mm:
(WebKit::WebPage::drawToImage):

Canonical link: https://commits.webkit.org/265876@main

More information about the webkit-changes mailing list